PrepAway - Latest Free Exam Questions & Answers

What would BEST define risk management?

What would BEST define risk management?

PrepAway - Latest Free Exam Questions & Answers

A.
The process of eliminating the risk

B.
The process of assessing the risks

C.
The process of reducing risk to an acceptable level

D.
The process of transferring risk

Explanation:
Risk management is defined the process of identifying and assessing risk, reducing it to an acceptable level,
and implementing the right mechanisms to maintain that level.
However, the process of identifying and assessing risk is also defined as risk assessment. This leaves reducing
risk to an acceptable level as the BEST definition of risk management as required in this question.
Incorrect Answers:
A: The process of eliminating the risk is not the definition or risk management. Risk management is said to
‘reduce’ risk rather than eliminate risk because you can never fully eliminate risk.
B: The process of assessing the risks is defined by the phrase risk assessment which means this is not the
BEST answer as required in this question.
D: The process of transferring risk can be a method of reducing risk. However, this is not the BEST definition of
risk management.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 70-73


Leave a Reply